src/share/jaxws_classes/com/sun/xml/internal/ws/util/xml/XmlUtil.java

Thu, 31 Aug 2017 15:18:52 +0800

author
aoqi
date
Thu, 31 Aug 2017 15:18:52 +0800
changeset 637
9c07ef4934dd
parent 515
6cd506508147
parent 0
373ffda63c9a
child 760
e530533619ec
permissions
-rw-r--r--

merge

     1 /*
     2  * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
     4  *
     5  * This code is free software; you can redistribute it and/or modify it
     6  * under the terms of the GNU General Public License version 2 only, as
     7  * published by the Free Software Foundation.  Oracle designates this
     8  * particular file as subject to the "Classpath" exception as provided
     9  * by Oracle in the LICENSE file that accompanied this code.
    10  *
    11  * This code is distributed in the hope that it will be useful, but WITHOUT
    12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
    13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
    14  * version 2 for more details (a copy is included in the LICENSE file that
    15  * accompanied this code).
    16  *
    17  * You should have received a copy of the GNU General Public License version
    18  * 2 along with this work; if not, write to the Free Software Foundation,
    19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
    20  *
    21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
    22  * or visit www.oracle.com if you need additional information or have any
    23  * questions.
    24  */
    26 package com.sun.xml.internal.ws.util.xml;
    28 import com.sun.istack.internal.Nullable;
    29 import com.sun.org.apache.xml.internal.resolver.Catalog;
    30 import com.sun.org.apache.xml.internal.resolver.CatalogManager;
    31 import com.sun.org.apache.xml.internal.resolver.tools.CatalogResolver;
    32 import com.sun.xml.internal.ws.server.ServerRtException;
    33 import com.sun.xml.internal.ws.util.ByteArrayBuffer;
    34 import org.w3c.dom.Attr;
    35 import org.w3c.dom.Element;
    36 import org.w3c.dom.EntityReference;
    37 import org.w3c.dom.Node;
    38 import org.w3c.dom.NodeList;
    39 import org.w3c.dom.Text;
    40 import org.xml.sax.*;
    42 import javax.xml.XMLConstants;
    43 import javax.xml.namespace.QName;
    44 import javax.xml.parsers.DocumentBuilderFactory;
    45 import javax.xml.parsers.ParserConfigurationException;
    46 import javax.xml.parsers.SAXParserFactory;
    47 import javax.xml.stream.XMLInputFactory;
    48 import javax.xml.transform.Result;
    49 import javax.xml.transform.Source;
    50 import javax.xml.transform.Transformer;
    51 import javax.xml.transform.TransformerConfigurationException;
    52 import javax.xml.transform.TransformerException;
    53 import javax.xml.transform.TransformerFactory;
    54 import javax.xml.transform.sax.SAXTransformerFactory;
    55 import javax.xml.transform.sax.TransformerHandler;
    56 import javax.xml.transform.stream.StreamSource;
    57 import javax.xml.validation.SchemaFactory;
    58 import javax.xml.ws.WebServiceException;
    59 import javax.xml.xpath.XPathFactory;
    60 import javax.xml.xpath.XPathFactoryConfigurationException;
    61 import java.io.IOException;
    62 import java.io.InputStream;
    63 import java.io.OutputStreamWriter;
    64 import java.io.Writer;
    65 import java.net.URL;
    66 import java.util.ArrayList;
    67 import java.util.Enumeration;
    68 import java.util.Iterator;
    69 import java.util.List;
    70 import java.util.StringTokenizer;
    71 import java.util.logging.Level;
    72 import java.util.logging.Logger;
    74 /**
    75  * @author WS Development Team
    76  */
    77 public class XmlUtil {
    79     // not in older JDK, so must be duplicated here, otherwise javax.xml.XMLConstants should be used
    80     private static final String ACCESS_EXTERNAL_SCHEMA = "http://javax.xml.XMLConstants/property/accessExternalSchema";
    82     private final static String LEXICAL_HANDLER_PROPERTY =
    83         "http://xml.org/sax/properties/lexical-handler";
    85     private static final Logger LOGGER = Logger.getLogger(XmlUtil.class.getName());
    87     private static boolean XML_SECURITY_DISABLED;
    89     static {
    90         String disableXmlSecurity = System.getProperty("com.sun.xml.internal.ws.disableXmlSecurity");
    91         XML_SECURITY_DISABLED = disableXmlSecurity == null || !Boolean.valueOf(disableXmlSecurity);
    92     }
    94     public static String getPrefix(String s) {
    95         int i = s.indexOf(':');
    96         if (i == -1)
    97             return null;
    98         return s.substring(0, i);
    99     }
   101     public static String getLocalPart(String s) {
   102         int i = s.indexOf(':');
   103         if (i == -1)
   104             return s;
   105         return s.substring(i + 1);
   106     }
   110     public static String getAttributeOrNull(Element e, String name) {
   111         Attr a = e.getAttributeNode(name);
   112         if (a == null)
   113             return null;
   114         return a.getValue();
   115     }
   117     public static String getAttributeNSOrNull(
   118         Element e,
   119         String name,
   120         String nsURI) {
   121         Attr a = e.getAttributeNodeNS(nsURI, name);
   122         if (a == null)
   123             return null;
   124         return a.getValue();
   125     }
   127     public static String getAttributeNSOrNull(
   128         Element e,
   129         QName name) {
   130         Attr a = e.getAttributeNodeNS(name.getNamespaceURI(), name.getLocalPart());
   131         if (a == null)
   132             return null;
   133         return a.getValue();
   134     }
   136 /*    public static boolean matchesTagNS(Element e, String tag, String nsURI) {
   137         try {
   138             return e.getLocalName().equals(tag)
   139                 && e.getNamespaceURI().equals(nsURI);
   140         } catch (NullPointerException npe) {
   142             // localname not null since parsing would fail before here
   143             throw new WSDLParseException(
   144                 "null.namespace.found",
   145                 e.getLocalName());
   146         }
   147     }
   149     public static boolean matchesTagNS(
   150         Element e,
   151         javax.xml.namespace.QName name) {
   152         try {
   153             return e.getLocalName().equals(name.getLocalPart())
   154                 && e.getNamespaceURI().equals(name.getNamespaceURI());
   155         } catch (NullPointerException npe) {
   157             // localname not null since parsing would fail before here
   158             throw new WSDLParseException(
   159                 "null.namespace.found",
   160                 e.getLocalName());
   161         }
   162     }*/
   164     public static Iterator getAllChildren(Element element) {
   165         return new NodeListIterator(element.getChildNodes());
   166     }
   168     public static Iterator getAllAttributes(Element element) {
   169         return new NamedNodeMapIterator(element.getAttributes());
   170     }
   172     public static List<String> parseTokenList(String tokenList) {
   173         List<String> result = new ArrayList<String>();
   174         StringTokenizer tokenizer = new StringTokenizer(tokenList, " ");
   175         while (tokenizer.hasMoreTokens()) {
   176             result.add(tokenizer.nextToken());
   177         }
   178         return result;
   179     }
   181     public static String getTextForNode(Node node) {
   182         StringBuilder sb = new StringBuilder();
   184         NodeList children = node.getChildNodes();
   185         if (children.getLength() == 0)
   186             return null;
   188         for (int i = 0; i < children.getLength(); ++i) {
   189             Node n = children.item(i);
   191             if (n instanceof Text)
   192                 sb.append(n.getNodeValue());
   193             else if (n instanceof EntityReference) {
   194                 String s = getTextForNode(n);
   195                 if (s == null)
   196                     return null;
   197                 else
   198                     sb.append(s);
   199             } else
   200                 return null;
   201         }
   203         return sb.toString();
   204     }
   206     public static InputStream getUTF8Stream(String s) {
   207         try {
   208             ByteArrayBuffer bab = new ByteArrayBuffer();
   209             Writer w = new OutputStreamWriter(bab, "utf-8");
   210             w.write(s);
   211             w.close();
   212             return bab.newInputStream();
   213         } catch (IOException e) {
   214             throw new RuntimeException("should not happen");
   215         }
   216     }
   218     static final ContextClassloaderLocal<TransformerFactory> transformerFactory = new ContextClassloaderLocal<TransformerFactory>() {
   219         @Override
   220         protected TransformerFactory initialValue() throws Exception {
   221             return TransformerFactory.newInstance();
   222         }
   223     };
   225     static final ContextClassloaderLocal<SAXParserFactory> saxParserFactory = new ContextClassloaderLocal<SAXParserFactory>() {
   226         @Override
   227         protected SAXParserFactory initialValue() throws Exception {
   228             SAXParserFactory factory = SAXParserFactory.newInstance();
   229             factory.setNamespaceAware(true);
   230             return factory;
   231         }
   232     };
   234     /**
   235      * Creates a new identity transformer.
   236      */
   237     public static Transformer newTransformer() {
   238         try {
   239             return transformerFactory.get().newTransformer();
   240         } catch (TransformerConfigurationException tex) {
   241             throw new IllegalStateException("Unable to create a JAXP transformer");
   242         }
   243     }
   245     /**
   246      * Performs identity transformation.
   247      */
   248     public static <T extends Result>
   249     T identityTransform(Source src, T result) throws TransformerException, SAXException, ParserConfigurationException, IOException {
   250         if (src instanceof StreamSource) {
   251             // work around a bug in JAXP in JDK6u4 and earlier where the namespace processing
   252             // is not turned on by default
   253             StreamSource ssrc = (StreamSource) src;
   254             TransformerHandler th = ((SAXTransformerFactory) transformerFactory.get()).newTransformerHandler();
   255             th.setResult(result);
   256             XMLReader reader = saxParserFactory.get().newSAXParser().getXMLReader();
   257             reader.setContentHandler(th);
   258             reader.setProperty(LEXICAL_HANDLER_PROPERTY, th);
   259             reader.parse(toInputSource(ssrc));
   260         } else {
   261             newTransformer().transform(src, result);
   262         }
   263         return result;
   264     }
   266     private static InputSource toInputSource(StreamSource src) {
   267         InputSource is = new InputSource();
   268         is.setByteStream(src.getInputStream());
   269         is.setCharacterStream(src.getReader());
   270         is.setPublicId(src.getPublicId());
   271         is.setSystemId(src.getSystemId());
   272         return is;
   273     }
   275     /*
   276     * Gets an EntityResolver using XML catalog
   277     */
   278      public static EntityResolver createEntityResolver(@Nullable URL catalogUrl) {
   279         // set up a manager
   280         CatalogManager manager = new CatalogManager();
   281         manager.setIgnoreMissingProperties(true);
   282         // Using static catalog may  result in to sharing of the catalog by multiple apps running in a container
   283         manager.setUseStaticCatalog(false);
   284         Catalog catalog = manager.getCatalog();
   285         try {
   286             if (catalogUrl != null) {
   287                 catalog.parseCatalog(catalogUrl);
   288             }
   289         } catch (IOException e) {
   290             throw new ServerRtException("server.rt.err",e);
   291         }
   292         return workaroundCatalogResolver(catalog);
   293     }
   295     /**
   296      * Gets a default EntityResolver for catalog at META-INF/jaxws-catalog.xml
   297      */
   298     public static EntityResolver createDefaultCatalogResolver() {
   300         // set up a manager
   301         CatalogManager manager = new CatalogManager();
   302         manager.setIgnoreMissingProperties(true);
   303         // Using static catalog may  result in to sharing of the catalog by multiple apps running in a container
   304         manager.setUseStaticCatalog(false);
   305         // parse the catalog
   306         ClassLoader cl = Thread.currentThread().getContextClassLoader();
   307         Enumeration<URL> catalogEnum;
   308         Catalog catalog = manager.getCatalog();
   309         try {
   310             if (cl == null) {
   311                 catalogEnum = ClassLoader.getSystemResources("META-INF/jax-ws-catalog.xml");
   312             } else {
   313                 catalogEnum = cl.getResources("META-INF/jax-ws-catalog.xml");
   314             }
   316             while(catalogEnum.hasMoreElements()) {
   317                 URL url = catalogEnum.nextElement();
   318                 catalog.parseCatalog(url);
   319             }
   320         } catch (IOException e) {
   321             throw new WebServiceException(e);
   322         }
   324         return workaroundCatalogResolver(catalog);
   325     }
   327     /**
   328      *  Default CatalogResolver implementation is broken as it depends on CatalogManager.getCatalog() which will always create a new one when
   329      *  useStaticCatalog is false.
   330      *  This returns a CatalogResolver that uses the catalog passed as parameter.
   331      * @param catalog
   332      * @return  CatalogResolver
   333      */
   334     private static CatalogResolver workaroundCatalogResolver(final Catalog catalog) {
   335         // set up a manager
   336         CatalogManager manager = new CatalogManager() {
   337             @Override
   338             public Catalog getCatalog() {
   339                 return catalog;
   340             }
   341         };
   342         manager.setIgnoreMissingProperties(true);
   343         // Using static catalog may  result in to sharing of the catalog by multiple apps running in a container
   344         manager.setUseStaticCatalog(false);
   346         return new CatalogResolver(manager);
   347     }
   349     /**
   350      * {@link ErrorHandler} that always treat the error as fatal.
   351      */
   352     public static final ErrorHandler DRACONIAN_ERROR_HANDLER = new ErrorHandler() {
   353         @Override
   354         public void warning(SAXParseException exception) {
   355         }
   357         @Override
   358         public void error(SAXParseException exception) throws SAXException {
   359             throw exception;
   360         }
   362         @Override
   363         public void fatalError(SAXParseException exception) throws SAXException {
   364             throw exception;
   365         }
   366     };
   368     public static DocumentBuilderFactory newDocumentBuilderFactory() {
   369         return newDocumentBuilderFactory(true);
   370     }
   372     public static DocumentBuilderFactory newDocumentBuilderFactory(boolean secureXmlProcessing) {
   373         DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
   374         try {
   375             factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, isXMLSecurityDisabled(secureXmlProcessing));
   376         } catch (ParserConfigurationException e) {
   377             LOGGER.log(Level.WARNING, "Factory [{0}] doesn't support secure xml processing!", new Object[] { factory.getClass().getName() } );
   378         }
   379         return factory;
   380     }
   382     public static TransformerFactory newTransformerFactory(boolean secureXmlProcessingEnabled) {
   383         TransformerFactory factory = TransformerFactory.newInstance();
   384         try {
   385             factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, isXMLSecurityDisabled(secureXmlProcessingEnabled));
   386         } catch (TransformerConfigurationException e) {
   387             LOGGER.log(Level.WARNING, "Factory [{0}] doesn't support secure xml processing!", new Object[]{factory.getClass().getName()});
   388         }
   389         return factory;
   390     }
   392     public static TransformerFactory newTransformerFactory() {
   393         return newTransformerFactory(true);
   394     }
   396     public static SAXParserFactory newSAXParserFactory(boolean secureXmlProcessingEnabled) {
   397         SAXParserFactory factory = SAXParserFactory.newInstance();
   398         try {
   399             factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, isXMLSecurityDisabled(secureXmlProcessingEnabled));
   400         } catch (Exception e) {
   401             LOGGER.log(Level.WARNING, "Factory [{0}] doesn't support secure xml processing!", new Object[]{factory.getClass().getName()});
   402         }
   403         return factory;
   404     }
   406     public static XPathFactory newXPathFactory(boolean secureXmlProcessingEnabled) {
   407         XPathFactory factory = XPathFactory.newInstance();
   408         try {
   409             factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, isXMLSecurityDisabled(secureXmlProcessingEnabled));
   410         } catch (XPathFactoryConfigurationException e) {
   411             LOGGER.log(Level.WARNING, "Factory [{0}] doesn't support secure xml processing!", new Object[] { factory.getClass().getName() } );
   412         }
   413         return factory;
   414     }
   416     public static XMLInputFactory newXMLInputFactory(boolean secureXmlProcessingEnabled)  {
   417         XMLInputFactory factory = XMLInputFactory.newInstance();
   418         if (isXMLSecurityDisabled(secureXmlProcessingEnabled)) {
   419             // TODO-Miran: are those apppropriate defaults?
   420             factory.setProperty(XMLInputFactory.SUPPORT_DTD, false);
   421             factory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
   422         }
   423         return factory;
   424     }
   426     private static boolean isXMLSecurityDisabled(boolean runtimeDisabled) {
   427         return XML_SECURITY_DISABLED || runtimeDisabled;
   428     }
   430     public static SchemaFactory allowExternalAccess(SchemaFactory sf, String value, boolean disableSecureProcessing) {
   432         // if xml security (feature secure processing) disabled, nothing to do, no restrictions applied
   433         if (isXMLSecurityDisabled(disableSecureProcessing)) {
   434             if (LOGGER.isLoggable(Level.FINE)) {
   435                 LOGGER.log(Level.FINE, "Xml Security disabled, no JAXP xsd external access configuration necessary.");
   436             }
   437             return sf;
   438         }
   440         if (System.getProperty("javax.xml.accessExternalSchema") != null) {
   441             if (LOGGER.isLoggable(Level.FINE)) {
   442                 LOGGER.log(Level.FINE, "Detected explicitly JAXP configuration, no JAXP xsd external access configuration necessary.");
   443             }
   444             return sf;
   445         }
   447         try {
   448             sf.setProperty(ACCESS_EXTERNAL_SCHEMA, value);
   449             if (LOGGER.isLoggable(Level.FINE)) {
   450                 LOGGER.log(Level.FINE, "Property \"{0}\" is supported and has been successfully set by used JAXP implementation.", new Object[]{ACCESS_EXTERNAL_SCHEMA});
   451             }
   452         } catch (SAXException ignored) {
   453             // nothing to do; support depends on version JDK or SAX implementation
   454             if (LOGGER.isLoggable(Level.CONFIG)) {
   455                 LOGGER.log(Level.CONFIG, "Property \"{0}\" is not supported by used JAXP implementation.", new Object[]{ACCESS_EXTERNAL_SCHEMA});
   456             }
   457         }
   458         return sf;
   459     }
   461 }

mercurial